不同vpn instance实例之间,不能实现互访。核心交换机10510X上面创建了oa、jiankong、guangbo等vpn instance 实例,不同实例间不能互访,但是要实现指定oa实例终端能访问jiankong实例网络,其他终端不能访问jiankong网络,jiankong实例不能访问oa实例。在模拟器上创建静态路由可实现功能,但是在实际应用中,核心配置完静态路由后不能实现功能。
设置列表
对齐方式
组网情况:所有网关地址都是在核心交换机上
(0)
最佳答案
组网没没问题,没配置信息无法排查
(0)
核心配置文件如下 # version 7.1.070, Release 7595P02 # mdc Admin id 1 # sysname HX # clock timezone beijing add 08:00:00 # tcsm # ip vpn-instance gongwudianhua # ip vpn-instance guangbo # ip vpn-instance jiankong # ip vpn-instance oa # ip vpn-instance qiuzhudianhua # ip vpn-instance shizhong # ip vpn-instance zhuanyongdianhua # telnet server enable # forward-path-detection enable # irf mac-address persistent always irf auto-update enable irf auto-merge enable undo irf link-delay irf member 1 priority 12 irf member 2 priority 1 irf mode normal # ip unreachables enable ip ttl-expires enable ip icmp error-interval 2147483640 # dns server 114.114.114.114 vpn-instance oa # lldp global enable # system-working-mode standard undo password-recovery enable # vlan 1 # vlan 10 # vlan 15 # vlan 20 # vlan 25 # vlan 30 to 38 # vlan 40 # vlan 50 # vlan 52 # vlan 54 # vlan 56 # vlan 58 # vlan 60 to 61 # vlan 70 to 71 # vlan 80 to 81 # vlan 90 # vlan 100 # vlan 105 # vlan 110 to 145 # vlan 200 # vlan 1152 # vlan 2152 # irf-port 1/2 port group interface Ten-GigabitEthernet1/0/0/35 mode enhanced port group interface Ten-GigabitEthernet1/0/0/36 mode enhanced # irf-port 2/1 port group interface Ten-GigabitEthernet2/0/0/35 mode enhanced port group interface Ten-GigabitEthernet2/0/0/36 mode enhanced # traffic classifier re operator and if-match acl 3889 # traffic classifier re2 operator and if-match acl 3889 # traffic classifier test operator and if-match acl 3889 # traffic behavior re redirect interface Bridge-Aggregation1 # traffic behavior re2 redirect interface Ten-GigabitEthernet2/0/0/29 # traffic behavior test accounting # traffic behavior test2 # qos policy re classifier re behavior re # qos policy re2 classifier re2 behavior re2 # qos policy test classifier test behavior test # stp instance 0 root primary # interface Bridge-Aggregation1 port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 undo stp enable # interface Bridge-Aggregation2 port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Bridge-Aggregation30 port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 50 to 58 105 # interface Bridge-Aggregation31 port link-type trunk port trunk permit vlan all # interface NULL0 # interface Vlan-interface15 description guangbo ip binding vpn-instance guangbo ip address 10.100.10.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface20 description shizhong ip binding vpn-instance shizhong ip address 10.100.20.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface25 description pis ip address 10.100.1.254 255.255.255.0 pim dm igmp enable local-proxy-arp enable # interface Vlan-interface30 description jiankong ip binding vpn-instance jiankong ip address 10.100.30.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface31 description jiankong ip binding vpn-instance jiankong ip address 10.100.31.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface32 description jiankong ip binding vpn-instance jiankong ip address 10.100.32.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface33 description jiankong ip binding vpn-instance jiankong ip address 10.100.33.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface34 description jiankong ip binding vpn-instance jiankong ip address 10.100.34.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface35 description jiankong ip binding vpn-instance jiankong ip address 10.100.35.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface36 description jiankong ip binding vpn-instance jiankong ip address 10.100.36.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface37 description jiankong ip binding vpn-instance jiankong ip address 10.100.37.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface38 description jiankong ip binding vpn-instance jiankong ip address 10.100.38.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface40 description ruqingtance ip binding vpn-instance jiankong ip address 10.100.40.254 255.255.255.0 # interface Vlan-interface50 description oa ip binding vpn-instance oa ip address 10.100.50.254 255.255.254.0 proxy-arp enable tcp mss 1000 # interface Vlan-interface52 description oa ip binding vpn-instance oa ip address 10.100.52.254 255.255.254.0 proxy-arp enable # interface Vlan-interface54 description oa ip binding vpn-instance oa ip address 10.100.54.254 255.255.254.0 proxy-arp enable # interface Vlan-interface56 description oa ip binding vpn-instance oa ip address 10.100.56.254 255.255.254.0 proxy-arp enable # interface Vlan-interface58 description oa ip binding vpn-instance oa ip address 10.100.58.254 255.255.254.0 proxy-arp enable # interface Vlan-interface60 description gongwudianhua ip binding vpn-instance gongwudianhua ip address 10.100.60.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface61 description gongwudianhua ip binding vpn-instance gongwudianhua ip address 10.100.61.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface70 description qiuzhudianhua ip binding vpn-instance qiuzhudianhua ip address 10.100.70.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface71 description qiuzhudianhua ip binding vpn-instance qiuzhudianhua ip address 10.100.71.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface80 local-proxy-arp enable # interface Vlan-interface81 local-proxy-arp enable # interface Vlan-interface90 description ups ip binding vpn-instance jiankong ip address 10.100.90.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface100 ip address 10.100.100.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface105 description oms ip binding vpn-instance oa ip address 10.100.105.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface114 # interface Vlan-interface200 ip binding vpn-instance oa ip address 10.100.200.254 255.255.255.0 local-proxy-arp enable # interface Vlan-interface1152 ip address 10.80.100.76 255.255.255.0 local-proxy-arp enable # interface Vlan-interface2152 ip address 10.81.100.76 255.255.255.0 local-proxy-arp enable # interface GigabitEthernet1/1/0/35 port link-mode route ip address 10.100.110.241 255.255.255.0 # interface GigabitEthernet1/0/0/1 port link-mode bridge description to_jiankong_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/2 port link-mode bridge description to_jiankong_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/3 port link-mode bridge description To_OA_huiju port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/4 port link-mode bridge description To_OA_huiju port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/5 port link-mode bridge description To_PIS_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/6 port link-mode bridge description To_PIS_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/7 port link-mode bridge description To_dianhua_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/8 port link-mode bridge description To_dianhua_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/9 port link-mode bridge description To_shizhong_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/10 port link-mode bridge description To_shizhong_jieru port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/11 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 50 to 58 105 port link-aggregation group 30 # interface GigabitEthernet1/0/0/12 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 50 to 58 105 port link-aggregation group 30 # interface GigabitEthernet1/0/0/13 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/14 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/15 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/16 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/17 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/18 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/19 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/20 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/21 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/22 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/23 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/24 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/25 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/26 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/27 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/28 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/37 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/38 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/39 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/40 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/41 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/42 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/43 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/44 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/45 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/46 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/47 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/0/0/48 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet1/1/0/1 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/2 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/3 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/4 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/5 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/6 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/7 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/8 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/9 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/10 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/11 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/12 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/13 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/14 port link-mode bridge port access vlan 100 stp edged-port # interface GigabitEthernet1/1/0/15 port link-mode bridge # interface GigabitEthernet1/1/0/16 port link-mode bridge port access vlan 105 # interface GigabitEthernet1/1/0/17 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/18 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/19 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/20 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/21 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/22 port link-mode bridge port link-type trunk port trunk permit vlan all stp edged-port # interface GigabitEthernet1/1/0/23 port link-mode bridge port link-type trunk port trunk permit vlan all stp edged-port # interface GigabitEthernet1/1/0/24 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/25 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/26 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/27 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/28 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/29 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/30 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/31 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/32 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/33 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 15 25 34 90 1152 port trunk pvid vlan 1152 speed 100 # interface GigabitEthernet1/1/0/34 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 15 25 34 90 2152 port trunk pvid vlan 2152 speed 100 # interface GigabitEthernet1/1/0/36 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/37 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/38 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/39 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/40 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/41 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/42 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/43 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/44 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/45 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/46 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/47 port link-mode bridge port access vlan 25 stp edged-port # interface GigabitEthernet1/1/0/48 port link-mode bridge port link-type trunk port trunk permit vlan all packet-filter 3000 outbound # interface GigabitEthernet1/2/0/1 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/2 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/3 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/4 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/5 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/6 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/7 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/8 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/9 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/10 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/11 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/12 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/13 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/14 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/15 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/16 port link-mode bridge port access vlan 20 stp edged-port # interface GigabitEthernet1/2/0/17 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/18 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/19 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/20 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/21 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/22 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/23 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/24 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/25 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/26 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/27 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/28 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/29 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/30 port link-mode bridge port access vlan 34 stp edged-port # interface GigabitEthernet1/2/0/31 port link-mode bridge port access vlan 34 # interface GigabitEthernet1/2/0/32 port link-mode bridge port access vlan 34 # interface GigabitEthernet1/2/0/33 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/34 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/35 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/36 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/37 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/38 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/39 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/40 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/41 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/42 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/43 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/44 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/45 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/46 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/47 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet1/2/0/48 port link-mode bridge port access vlan 15 stp edged-port # interface GigabitEthernet2/0/0/1 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/2 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/3 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/4 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/5 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/6 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/7 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/8 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/9 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/10 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/11 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/12 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/13 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/14 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/15 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/16 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/17 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/18 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/19 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/20 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/21 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/22 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/23 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/24 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/25 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/26 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/27 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/28 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/37 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/38 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/39 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/40 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/41 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/42 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/43 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/44 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/45 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/46 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/47 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/0/0/48 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface GigabitEthernet2/1/0/1 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/2 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/3 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/4 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/5 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/6 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/7 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/8 port link-mode bridge port access vlan 40 stp edged-port # interface GigabitEthernet2/1/0/9 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/10 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/11 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/12 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/13 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/14 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/15 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/16 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/17 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/18 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/19 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/20 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/21 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/22 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/23 port link-mode bridge port access vlan 200 stp edged-port # interface GigabitEthernet2/1/0/24 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/25 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/26 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/27 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/28 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/29 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/30 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/31 port link-mode bridge port access vlan 54 stp edged-port # interface GigabitEthernet2/1/0/32 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/33 port link-mode bridge port access vlan 61 stp edged-port # interface GigabitEthernet2/1/0/34 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/35 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/36 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/37 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/38 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/39 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/40 port link-mode bridge port access vlan 90 stp edged-port # interface GigabitEthernet2/1/0/41 port link-mode bridge port access vlan 60 stp edged-port # interface GigabitEthernet2/1/0/42 port link-mode bridge port access vlan 60 stp edged-port # interface GigabitEthernet2/1/0/43 port link-mode bridge port access vlan 60 stp edged-port # interface GigabitEthernet2/1/0/44 port link-mode bridge port access vlan 60 stp edged-port # interface GigabitEthernet2/1/0/45 port link-mode bridge port access vlan 61 stp edged-port # interface GigabitEthernet2/1/0/46 port link-mode bridge port access vlan 61 stp edged-port # interface GigabitEthernet2/1/0/47 port link-mode bridge port access vlan 61 stp edged-port # interface GigabitEthernet2/1/0/48 port link-mode bridge port access vlan 61 stp edged-port # interface GigabitEthernet2/2/0/1 port link-mode bridge port access vlan 71 # interface GigabitEthernet2/2/0/2 port link-mode bridge port access vlan 71 # interface GigabitEthernet2/2/0/3 port link-mode bridge port access vlan 71 # interface GigabitEthernet2/2/0/4 port link-mode bridge port access vlan 71 # interface GigabitEthernet2/2/0/5 port link-mode bridge # interface GigabitEthernet2/2/0/6 port link-mode bridge # interface GigabitEthernet2/2/0/7 port link-mode bridge # interface GigabitEthernet2/2/0/8 port link-mode bridge # interface GigabitEthernet2/2/0/9 port link-mode bridge # interface GigabitEthernet2/2/0/10 port link-mode bridge # interface GigabitEthernet2/2/0/11 port link-mode bridge # interface GigabitEthernet2/2/0/12 port link-mode bridge # interface GigabitEthernet2/2/0/13 port link-mode bridge # interface GigabitEthernet2/2/0/14 port link-mode bridge # interface GigabitEthernet2/2/0/15 port link-mode bridge # interface GigabitEthernet2/2/0/16 port link-mode bridge # interface GigabitEthernet2/2/0/17 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/18 port link-mode bridge port access vlan 80 # interface GigabitEthernet2/2/0/19 port link-mode bridge port access vlan 80 # interface GigabitEthernet2/2/0/20 port link-mode bridge port access vlan 80 # interface GigabitEthernet2/2/0/21 port link-mode bridge port access vlan 80 # interface GigabitEthernet2/2/0/22 port link-mode bridge port access vlan 80 # interface GigabitEthernet2/2/0/23 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/24 port link-mode bridge port access vlan 80 # interface GigabitEthernet2/2/0/25 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/26 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/27 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/28 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/29 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/30 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/31 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/32 port link-mode bridge port access vlan 81 # interface GigabitEthernet2/2/0/33 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/34 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/35 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/36 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/37 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/38 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/39 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/40 port link-mode bridge port access vlan 90 # interface GigabitEthernet2/2/0/41 port link-mode bridge # interface GigabitEthernet2/2/0/42 port link-mode bridge # interface GigabitEthernet2/2/0/43 port link-mode bridge # interface GigabitEthernet2/2/0/44 port link-mode bridge # interface GigabitEthernet2/2/0/45 port link-mode bridge # interface GigabitEthernet2/2/0/46 port link-mode bridge # interface GigabitEthernet2/2/0/47 port link-mode bridge # interface GigabitEthernet2/2/0/48 port link-mode bridge # interface M-GigabitEthernet1/0/0/0 ip address 10.10.10.57 255.255.255.0 # interface M-GigabitEthernet1/0/0/1 # interface M-GigabitEthernet1/0/0/2 # interface M-GigabitEthernet1/0/0/3 # interface Ten-GigabitEthernet1/0/0/29 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 qos apply policy re inbound port link-aggregation group 1 # interface Ten-GigabitEthernet1/0/0/30 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet1/0/0/31 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet1/0/0/32 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet1/0/0/33 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 port link-aggregation group 2 # interface Ten-GigabitEthernet1/0/0/34 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 port link-aggregation group 2 # interface Ten-GigabitEthernet2/0/0/29 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 qos apply policy re inbound port link-aggregation group 1 # interface Ten-GigabitEthernet2/0/0/30 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet2/0/0/31 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet2/0/0/32 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet2/0/0/33 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet2/0/0/34 port link-mode bridge port link-type trunk undo port trunk permit vlan 1 port trunk permit vlan 2 to 4094 # interface Ten-GigabitEthernet1/0/0/35 # interface Ten-GigabitEthernet1/0/0/36 # interface Ten-GigabitEthernet2/0/0/35 # interface Ten-GigabitEthernet2/0/0/36 # multicast routing # scheduler logfile size 16 # line class aux user-role network-admin # line class vty user-role network-operator # line aux 1/0 2/1 user-role network-admin # line vty 0 4 authentication-mode scheme user-role network-operator # line vty 5 63 user-role network-operator # ip route-static 0.0.0.0 0 10.100.200.57 ip route-static 10.21.0.0 16 10.100.110.248 ip route-static 10.22.0.0 16 10.100.110.248 ip route-static 10.80.100.0 24 10.80.100.1 ip route-static 10.81.100.0 24 10.81.100.1 ip route-static 10.100.110.0 24 10.100.110.241 ip route-static 10.100.120.0 24 10.100.1.250 ip route-static 10.100.121.0 24 10.100.1.250 ip route-static 10.100.122.0 24 10.100.1.250 ip route-static 10.100.123.0 24 10.100.1.250 ip route-static 10.100.124.0 24 10.100.1.250 ip route-static 10.100.125.0 24 10.100.1.250 ip route-static 10.100.126.0 24 10.100.1.250 ip route-static 10.100.127.0 24 10.100.1.250 ip route-static 10.100.128.0 24 10.100.1.250 ip route-static 10.100.129.0 24 10.100.1.250 ip route-static 10.100.130.0 24 10.100.1.250 ip route-static vpn-instance jiankong 10.100.56.62 32 vpn-instance oa 10.100.56.62 ip route-static vpn-instance oa 0.0.0.0 0 10.100.200.57 ip route-static vpn-instance oa 10.100.34.0 24 vpn-instance jiankong 10.100.34.242 # info-center logbuffer size 1024 # snmp-agent snmp-agent local-engineid 800063A280905D7C41380100000001 snmp-agent community read Nhadmin@h3cr snmp-agent community write Nhadmin@h3cw snmp-agent sys-info version v2c v3 snmp-agent target-host trap address udp-domain 10.100.200.250 params securityname Nhadmin@h3cr v2c snmp-agent trap enable arp snmp-agent trap enable radius snmp-agent trap enable stp snmp-agent trap enable syslog # ntp-service enable ntp-service unicast-server 10.100.200.201 ntp-service unicast-server 10.100.200.201 vpn-instance oa # acl advanced 3000 rule 5 deny ip destination 10.100.80.1 0 rule 100 permit ip # acl advanced 3010 rule 0 permit ip source 10.100.1.10 0 destination 10.100.1.21 0 rule 5 permit ip source 10.100.1.21 0 destination 10.100.1.10 0 # acl advanced 3011 rule 0 permit ip source 10.100.1.10 0 destination 10.100.1.254 0 rule 1 permit ip source 10.100.1.10 0 destination 10.100.1.3 0 rule 5 permit ip source 10.100.1.254 0 destination 10.100.1.10 0 rule 100 deny ip # acl advanced 3012 # acl advanced 3013 # acl advanced 3015 rule 0 permit ip vpn-instance oa source 10.100.200.1 0 destination 10.100.200.2 0 rule 5 permit ip vpn-instance oa source 10.100.200.2 0 destination 10.100.200.1 0 rule 10 permit ip vpn-instance oa source 10.100.200.1 0 destination 10.100.200.254 0 # acl advanced 3888 rule 0 permit ip source 10.100.1.233 0 destination 224.10.1.175 0 # acl advanced 3889 rule 5 permit ip destination 224.10.1.75 0 rule 10 permit ip destination 224.10.7.75 0 rule 15 permit ip destination 224.10.10.75 0 # acl advanced 3890 rule 0 permit ip destination 224.10.7.75 0 # domain system # domain default enable system # role name level-0 description Predefined level-0 role # role name level-1 description Predefined level-1 role # role name level-2 description Predefined level-2 role # role name level-3 description Predefined level-3 role # role name level-4 description Predefined level-4 role # role name level-5 description Predefined level-5 role # role name level-6 description Predefined level-6 role # role name level-7 description Predefined level-7 role # role name level-8 description Predefined level-8 role # role name level-9 description Predefined level-9 role # role name level-10 description Predefined level-10 role # role name level-11 description Predefined level-11 role # role name level-12 description Predefined level-12 role # role name level-13 description Predefined level-13 role # role name level-14 description Predefined level-14 role # user-group system # local-user admin class manage password hash $h$6$bur9wZTO3bzsQ96a$lQhcBhfKPvJeByhvR3zDU3ykj7qJKUu1FZa4uH67OtMpmFAoVdRfwOHK/yO2xCw3IGQlESDsI0QfecggiQ6nXw== service-type ftp service-type telnet http https authorization-attribute user-role level-15 authorization-attribute user-role network-operator # ip http enable ip https enable # return
已将两条静态路由从交换机中删除
你这需求没啥必要用vpn实例隔开,直接网关下配置acl就好了。实例互通,静态路由后面有带实例?
(0)
在网络已经将所有业务用VPN实例隔离开的前提下,要实现这个功能。 ip route-static vpn-instance jiankong 10.100.56.1 32 vpn oa 10.100.56.1 ip route-static vpn-instance oa 10.100.34.0 24 vpn shipin 10.100.34.240
在网络已经将所有业务用VPN实例隔离开的前提下,要实现这个功能。 ip route-static vpn-instance jiankong 10.100.56.1 32 vpn oa 10.100.56.1 ip route-static vpn-instance oa 10.100.34.0 24 vpn shipin 10.100.34.240
路由泄露需要两个VPN都做,保证两个VPN都有相应的源目地址。
OA 个别地址可以访问 jiankong,jiankong不能访问OA,可以在相应的接口用包过滤把包过滤掉就可以了。
模拟器通 物理机不通,这个好像没遇到过;一般是物理机通,模拟器不通的几率大点儿
(0)
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
抄袭了我的内容
×
原文链接或出处
诽谤我
×
对根叔社区有害的内容
×
不规范转载
×
举报说明
已将两条静态路由从交换机中删除